Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1665
Views
0
Helpful
4
Replies

Problem with DMZ

Go to solution
sistemas.p
Level 1
Level 1

‎05-31-2019 06:04 AM

Hello all,

 

I have a problem with an asa 5515 Firewall.
I created a DMZ, with the ASDM, configured route, etc.
this DMZ I have to connect virtual machines. I configured the CORE cisco Vss4500 with port-channell and all. But when I connect the Vcenters switch and configure the Vlan of the DMZ, which I created in ASA 5515, and put the ip, it doesn't connect. If instead I connect a PC to the Core or to a switch connected to the Core, and put the IP of the DMZ, the connection is established.
Is there any particular configuration I need to do in the ASA for the DMZ?

 

I add photos

 

THX a lott

 

Labels:
Preview file
49 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to sistemas.p

‎06-03-2019 02:01 AM

Hello again,

I am reading you first post with a set of fresh eyes...

Are you saying that from the a device connected to the core on VLAN550 you can ping the ASA DMZ IP (Po1.550), it is just from vCenter that you cannot reach the ASA interface?

If so that sounds like an issue with the vSwitch or between the physical network infrastructure and the ESXi host.

From the switch which is connected to the ESXi host can you confirm that VLAN550 is is a STP FWD state on the connecting link?

 

cheers,

Seb.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎05-31-2019 06:33 AM

Hi there,

Can you confirm that you are tagging VLAN550 from the core switch to the ASA via Po1 ?

 

cheers,

Seb.

0 Helpful

Go to solution
sistemas.p
Level 1
Level 1
In response to Seb Rupik

‎06-03-2019 01:13 AM

Hi Seb,

 

no the TAg is from and to Po64, like the other s VLANs in TRUNK, that working fine 

 

THX 

 

SAL 

0 Helpful

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni
In response to sistemas.p

‎06-03-2019 02:01 AM

Hello again,

I am reading you first post with a set of fresh eyes...

Are you saying that from the a device connected to the core on VLAN550 you can ping the ASA DMZ IP (Po1.550), it is just from vCenter that you cannot reach the ASA interface?

If so that sounds like an issue with the vSwitch or between the physical network infrastructure and the ESXi host.

From the switch which is connected to the ESXi host can you confirm that VLAN550 is is a STP FWD state on the connecting link?

 

cheers,

Seb.

0 Helpful

Go to solution
sistemas.p
Level 1
Level 1
In response to Seb Rupik

‎06-05-2019 06:31 AM

Hi Seb,

I solved the problem, it was the VLAN in the Vswitch that was not configured, I did a Wr to the switch and then I turned it off. so it worked

Thanks for your help

 

Regards,

 

Salva

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card